Expand my Community achievements bar.

SOLVED

AEM 6.5 Asset direct link downloads ,does not open asset in browser

Avatar

Level 2

Dear Team,

 

Issue : 

I have a file on this path http://localhost:4502/assetdetails.html/content/dam/we-retail/en/activities/hiking/abc.mp4,​ when I try to access this video file by direct link like this: http://localhost:4502/content/dam/we-retail/en/activities/hiking/abc.mp4, Video gets downloaded . I know it is expected behavior.

what if we need to open assets in Browser rather than downloading it ?

Description:

I am facing this  issue in AEM 6.5 (without any service packs). I tried all possible tricks with Content Disposition filter like check/uncheck flag , putting proper values in included resource paths , but still it downloads my video assets rather than streaming in browser.

I am referring video assets through direct DAM link .

 

May I request if someone can be able to help me out here .

 

Thanks in advance.

1 Accepted Solution

Avatar

Correct answer by
Level 4

Hi There,

 

This behavior is same in earlier version as well. One way is to put "Included Resource Paths & Content Types" like shown below however it is very restrictive way as regular expression does not work and path prefix has to be put up.

 

sameerb50449612_0-1579772293498.png

 

I suggest you just uncheck the all resources and handle the same at apache level. So basically all the assets will be shown in-browser for streaming and then whenever you want to override this behavior, do that at dispatcher layer by adding for example below snippet:

     <FilesMatch "\.pdf$">  

         Header set Content-Disposition attachment  

     </FilesMatch>  

View solution in original post

3 Replies

Avatar

Correct answer by
Level 4

Hi There,

 

This behavior is same in earlier version as well. One way is to put "Included Resource Paths & Content Types" like shown below however it is very restrictive way as regular expression does not work and path prefix has to be put up.

 

sameerb50449612_0-1579772293498.png

 

I suggest you just uncheck the all resources and handle the same at apache level. So basically all the assets will be shown in-browser for streaming and then whenever you want to override this behavior, do that at dispatcher layer by adding for example below snippet:

     <FilesMatch "\.pdf$">  

         Header set Content-Disposition attachment  

     </FilesMatch>  

Avatar

Employee
This is correct. The Content Disposition Filter causes the asset to download as a security measure. You could technically embed a malicious script inside say an SVG asset which if rendered within the browser could execute code unknowingly.

Avatar

Level 1

@arvindp66202646  I also faced similar issue while performing AEM upgrade from 6.3 to 6.5 SP4

Reason - Reason is the response header ‘content-disposition: attachment’. 

issue-19-screen-1.jpg

Solution : There are two possible solutions -

#Solution1 -

  • Control the content-disposition using 'Apache Sling Content Disposition Filter' 
  • Configure the property 'Enable for all Resource Paths' to true. Do not set the content-disposition header explicitly.
  • Keep the content-disposition header to its default value - 'Inline'
  • issue-19-screen-2.jpg

#Solution2 - Second solution is to handle the same at apache level and dispatcher level - the approach suggested by @SameerBhalerao  in this thread.

Thanks